February 18, 2012

Iran says Stuxnet virus infected 16,000 computers

02/18/12: The Boston Globe reports that a senior Iranian intelligence official says an estimated 16,000 computers were infected by the Stuxnet virus. The powerful virus targeted Iran's nuclear facilities and other industrial sites in 2010, and Tehran has acknowledged the malicious software affected a limited number of centrifuges -- a key component in nuclear fuel production. Iran has said its scientists discovered and neutralized the malware before it could cause serious damage, but also said it is facing difficulties obtaining anti-malware software because of international sanctions, forcing Iran to use its own experts to design the software.

11/15/11: The BBC reports that Iran has confirmed some of its computer systems were infected with the Duqu trojan, but said it has found a way to control the malware. Security organisations had previously identified Iran as one of at least eight countries targeted by the code. The spyware is believed to have been designed to steal data to help launch further cyber attacks.

10/25/11: The Washington Times reports that computer security researchers are warning that a new version of the sophisticated cyberweapon that sabotaged Iran’s nuclear program could be the precursor to a new wave of cyberattacks. The new weapon, dubbed Duqu, appears to use portions of the original source code from the Stuxnet worm that attacked computers at the Iranian nuclear plant at Natanz in 2009 and 2010.

10/19/11: Wired reports that a little more than one year after the infrastructure-destroying Stuxnet worm was discovered on computer systems in Iran, a new piece of malware using some of the same techniques has been found infecting systems in Europe, according to researchers at security firm Symantec. The new malware, dubbed “Duqu” [dü-kyü], contains parts that are nearly identical to Stuxnet and appears to have been written by the same authors behind Stuxnet, or at least by someone who had direct access to the Stuxnet source code, say leading experts.

09/20/11: The Washington Post reports that the mysterious computer worm known as Stuxnet has gained more than a little notoriety since it was discovered in the summer of 2010. It wreaked havoc on Iran’s nuclear program, and it heightened long-standing concerns about the potential for a cyber-attack on critical infrastructure in the West. Experts have said that the worm could easily serve as a blueprint to sabotage machines that are critical to power plants, electrical grids and other utilities in the United States and elsewhere.

08/03/11: CNN reports that the former director of the CIA's Counterterrorism Center raised concerns Wednesday about an impending "code war" in which hackers will tamper not just with the Internet but with technology that runs real-world infrastructure. He referenced last year's Stuxnet computer worm, which some researchers think was designed to attack Iran's nuclear facilities. "I'm here to tell ya ... the Stuxnet attack is the Rubicon of our future," he said. "I don't necessarily understand how this was executed, but the important points are (that) it was really expensive, so a nation-state had to be involved."

04/17/11: The Washington Post reports that a senior Iranian military official involved in investigating a mysterious computer worm targeting Iranian nuclear facilities and other industrial sites said Saturday the malware could have caused large-scale accidents and loss of life. The powerful computer worm known as Stuxnet has the ability to send centrifuges — used in nuclear fuel production — spinning out of control. Iranian experts are said to have determined that the United States and Israel were behind Stuxnet.

02/13/11: Wired reports that attackers behind the Stuxnet computer worm focused on targeting five organizations in Iran in order to reach their final target. The security firm Symantec has released a report explaining how the worm worked to target nuclear enrichment facilities in Iran, a process that took several months between 2009 and 2010.

01/27/11: The Miami Herald reports that the Stuxnet virus attack on Iran's nuclear program could have triggered a disaster comparable to the one in Chernobyl 25 years ago, according to Russia's envoy to NATO. Dmitry Rogozin urged NATO to join Moscow in investigating who created and unleashed the mysterious and destructive computer worm known as Stuxnet. The virus hit Iran's nuclear facilities last year, temporarily crippling its uranium enrichment program, which can make both nuclear fuel and the fissile core of warheads.

01/25/11: Opinio Juris has analyzed the possible legal issues of nations using viruses like Stuxnet against political adversaries. The Stuxnet worm is one of the first forms of malware to target SCADA systems that control infrastructure, and is credited with setting back Iran's nuclear program. To date, most of the discussion about Stuxnet has involved analysis of its contents, effects, and origins. However, there may be issues of legality for a nation-state deploying a weapon like Stuxnet.

12/28/10: Wired reports that a new report appears to add fuel to suspicions that the Stuxnet superworm was responsible for sabotaging centrifuges at a uranium-enrichment plant in Iran. The report, released by the Institute for Science and International Security, or ISIS, indicates that commands in the Stuxnet code intended to increase the frequency of devices targeted by the malware exactly match several frequencies at which rotors in centrifuges at Iran’s Natanz enrichment plant are designed to operate optimally or are at risk of breaking down and flying apart.

12/11/10: The Financial Times reports that the US has acknowledged that the Stuxnet computer worm helped slow Iran’s nuclear programme, and has come close to admitting the existence of a secret international drive to sabotage Tehran’s progress toward the bomb.

11/15/10: The Washington Post reports that the Stuxnet computer worm that infiltrated industrial systems in Iran this fall may have been specifically designed to attack the country's nuclear program, potentially crippling centrifuges used to enrich uranium gas, according to new research. Following the discovery of the Stuxnet virus, analysts said it was likely the creation of a sophisticated entity, namely a government agency. Speculation centered on the United States or Israel as the most likely originators of the worm.

10/09/10: The Washington Times reports that Iran revealed for the first time Saturday that some personnel at the country's nuclear facilities were lured by promises of money to pass secrets to the West, but that increased security and worker privileges have put a stop to the spying. In recent weeks, Iran has announced the arrest of several nuclear spies and battled a computer worm that it says is part of a covert Western plot to derail its nuclear program.